According to https://datatracker.ietf.org/doc/html/rfc8446#section-4.1.3
A client which receives a legacy_session_id_echo field that does not match what it sent in the ClientHello MUST abort the handshake with an "illegal_parameter" alert. So we can't use the legacy_session_id_echo of SH. > On Sep 11, 2024, at 17:35, A A <tom25...@yandex.com> wrote: > > I don't think need to use random, we can use Session ID, which is deprecated > since TLS 1.3. Random is used to derive master key, AFAIK. >
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
